$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cd144c0e-abfa-4d44-b17a-0908985b6114.roa File: cd144c0e-abfa-4d44-b17a-0908985b6114.roa (raw, json) Hash identifier: XFReSUhiOotMsz1DepGz4GBRpin+bayzXQJs1dRlY68= Subject key identifier: 10:7C:20:D9:5D:24:EA:9C:1F:1A:87:FF:56:7B:41:8C:58:E0:2B:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68719F3042E8FC86DFF85851DCC299C7A4FAF946 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cd144c0e-abfa-4d44-b17a-0908985b6114.roa Signing time: Mon 11 May 2026 00:00:59 +0000 ROA not before: Mon 11 May 2026 00:00:59 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:71:9f:30:42:e8:fc:86:df:f8:58:51:dc:c2:99:c7:a4:fa:f9:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:00:59 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=57f8cd37ce9125fe64598f8fbf1770766c43d95a1137f1d9bd64dc36cf0dd815, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:a1:a3:a5:f2:6e:08:5b:ac:ed:34:f2:6f:c5: 5c:c3:8d:b6:ac:e4:86:f2:99:99:87:d4:2e:57:75: 53:6a:ec:11:34:b8:56:d9:59:36:35:91:f7:1e:e4: 90:67:14:68:5a:71:26:cd:71:13:9b:71:af:67:ea: 1b:de:00:b4:37:bf:a4:67:fa:db:dd:ec:80:47:52: e6:ad:e0:36:35:79:75:5f:b1:83:e8:c7:2b:99:be: 44:84:38:b5:9e:4b:8a:39:91:fd:db:7c:38:87:fa: d8:5d:ba:d6:7a:8a:f8:01:13:8b:e8:38:2f:7b:b7: c4:0c:e0:88:18:18:43:b4:dc:8c:80:cd:ba:98:c7: d1:d7:24:51:5c:0c:8a:8d:4c:5e:07:be:06:d0:5c: 11:93:f6:8e:6f:48:95:e9:6c:37:cb:ca:ac:55:f3: 8a:2d:20:57:bb:6e:7b:b2:a2:ff:ed:43:90:54:d1: d4:f6:0f:3d:a8:c4:89:70:1d:fa:6b:2e:04:65:22: c4:be:6e:ba:aa:62:9d:f2:fe:5e:af:ce:0a:7d:50: 85:f4:50:12:0a:b4:68:f4:89:21:94:0b:3e:66:08: bc:ab:bd:49:d6:f2:28:78:30:2b:a0:c0:a4:58:15: 97:47:ee:54:90:e2:7c:50:d8:36:c7:fa:1d:05:f0: a6:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:7C:20:D9:5D:24:EA:9C:1F:1A:87:FF:56:7B:41:8C:58:E0:2B:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cd144c0e-abfa-4d44-b17a-0908985b6114.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 38:f9:50:01:ed:7a:9e:58:e9:81:c9:96:4e:72:db:f6:75:7b: 52:59:81:95:d3:a1:c9:30:1b:ac:b7:e7:05:79:f1:2e:11:d9: a3:dc:74:d9:6e:51:bd:59:92:5f:9f:d2:c7:8a:7d:ae:38:a9: 50:0b:76:56:bf:c7:70:9d:ee:3c:30:00:48:ce:b6:7e:55:2c: 8f:4d:c8:cd:82:c2:4a:a1:79:94:a1:f0:14:64:34:a0:8d:d8: 5f:33:d5:aa:37:99:7b:d9:03:ee:6e:d7:86:c3:83:15:83:e7: 91:d4:a6:6a:52:de:a2:09:e1:50:cf:9c:11:7e:d7:14:2b:dd: fa:62:d5:4c:9f:fe:c6:7b:78:51:7a:70:ee:1d:93:5f:91:e5: 44:75:5e:bc:73:75:ff:20:c1:ee:1e:5d:cb:f0:b1:01:a8:dc: 48:87:8c:75:c4:76:c0:2b:37:d9:57:78:e1:c6:ec:34:6a:92: d7:df:cc:1b:c4:64:fc:33:51:f1:cc:bd:02:4e:63:5c:c2:82: 6d:fc:71:c2:87:44:83:2a:dd:36:e3:9c:f9:8c:99:82:ca:8d: f2:ce:60:8f:96:43:b8:17:a4:a7:ea:1a:24:f6:31:7c:f5:ea: dc:ae:15:24:55:e1:91:12:e5:5c:49:c6:1d:d0:16:8f:69:e7: 18:bd:dc:e1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaHGfMELo/Ibf+FhR3MKZx6T6+UYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDA1OVoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNANTdmOGNkMzdjZTkxMjVmZTY0NTk4 ZjhmYmYxNzcwNzY2YzQzZDk1YTExMzdmMWQ5YmQ2NGRjMzZjZjBkZDgxNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKGjpfJuCFus7TTyb8Vcw422rOSG 8pmZh9QuV3VTauwRNLhW2Vk2NZH3HuSQZxRoWnEmzXETm3GvZ+ob3gC0N7+kZ/rb 3eyAR1LmreA2NXl1X7GD6Mcrmb5EhDi1nkuKOZH923w4h/rYXbrWeor4AROL6Dgv e7fEDOCIGBhDtNyMgM26mMfR1yRRXAyKjUxeB74G0FwRk/aOb0iV6Ww3y8qsVfOK LSBXu257sqL/7UOQVNHU9g89qMSJcB36ay4EZSLEvm66qmKd8v5er84KfVCF9FAS CrRo9IkhlAs+Zgi8q71J1vIoeDAroMCkWBWXR+5UkOJ8UNg2x/odBfCmfQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBB8INldJOqcHxqH/1Z7QYxY4CtVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NkMTQ0YzBlLWFiZmEtNGQ0NC1iMTdhLTA5MDg5ODViNjExNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGDAMA0GCSqGSIb3DQEBCwUAA4IBAQA4+VAB7XqeWOmByZZO ctv2dXtSWYGV06HJMBust+cFefEuEdmj3HTZblG9WZJfn9LHin2uOKlQC3ZWv8dw ne48MABIzrZ+VSyPTcjNgsJKoXmUofAUZDSgjdhfM9WqN5l72QPubteGw4MVg+eR 1KZqUt6iCeFQz5wRftcUK936YtVMn/7Ge3hRenDuHZNfkeVEdV68c3X/IMHuHl3L 8LEBqNxIh4x1xHbAKzfZV3jhxuw0apLX38wbxGT8M1HxzL0CTmNcwoJt/HHCh0SD Kt0245z5jJmCyo3yzmCPlkO4F6Sn6hok9jF89ercrhUkVeGREuVcScYd0BaPaecY vdzh -----END CERTIFICATE-----Generated at Tue May 12 23:47:27 2026 by rpki-client